Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Validate the api key 'in' attribute is cookie header or query. #2058

Merged
merged 5 commits into from
Apr 3, 2024

Conversation

stefan521
Copy link
Contributor

@stefan521 stefan521 commented Feb 22, 2024

This is a valid API key definition.

components:
  securitySchemes:
    ApiKeyAuth:        # arbitrary name for the security scheme
      type: apiKey
      in: header       # can be "header", "query" or "cookie"
      name: X-API-KEY  # name of the header, query parameter or cookie

There already is validation that checks the in attribute is present. The purpose of this PR is to validate that the attribute value is one of "header", "query", or "cookie".

Swagger docs for reference.

@stefan521
Copy link
Contributor Author

stefan521 commented Mar 30, 2024

Hey @gracekarina, thank you for looking at my PR! 🙂

I updated the two existing tests that were failing.

 securitySchemes:
    api_key:
      type: apiKey
      namex: api_key
      in: not

Now we get 20 messages instead of 19 because the validation I am adding complains that api_key.in is invalid.

@frantuma frantuma self-assigned this Apr 3, 2024
@frantuma frantuma merged commit c5f50e9 into swagger-api:master Apr 3, 2024
6 checks passed
@frantuma
Copy link
Member

frantuma commented Apr 3, 2024

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants